NTT Security has launched a new cybersecurity innovation programme in the UK. The plan is to find new solutions to create sustainable and resilient cyber architectures. The announcement is the latest in a series of blogs and announcements since June as NTT Security finds its feet as a separate company.
According to Dave Polton, Chief Technology Architect at NTT Security: “Most businesses are striving for increased cyber confidence or capabilities, but the security product landscape is vast, complex and dynamic. A change in approach is therefore needed and we believe that innovation should be at the heart of the security industry. We recognise that businesses want solutions that will make cybersecurity tasks easier and faster, and our UK Cyber Security Innovation Programme is designed to deliver the strategic planning, business context and agnostic evaluation to enable this.”
20 vendors already signed up
NTT Security says 20 vendors have already signed up to its Cyber Security Innovation Programme. There is no list of who those vendors are nor is there a public sign-up page. Vendors have to set-up 1-1 discussions with NTT Security to map their solutions to NTT requirements. Anyone wanting to get involved can register via the resource centre link. This will also give them access to the documentation. They can also call the NTT Security team on 0118 930 6060.
We don’t know who these partners are just that NTT Security says they are: “..largely operating in machine based learning as well as isolation, deception and intelligence based solutions.” It will be interesting to see what solutions come out of this. Will they be standalone solutions from partners? Will they be part of a more integrated NTT Security solution? We won’t know until we see something and NTT Security are also keeping release dates close to their chest.
Blogs point to a range of possibilities
Over the last two months NTT has released a number of blogs talking about the need for more innovation. The first is from Polton and entitled Why innovation matters in cybersecurity. In this blog he focuses on two quotes from Albert Enstein and their relevance to security. The first is:
“We can’t solve problems by using the same kind of thinking we used when we created them.”
This is very true of the security industry. Security vendors use the same tools, languages and processes that have created today’s software. This means they are just as likely to suffer from bugs and vulnerabilities as any other piece of software. Time to market is a critical business issue. There is no time to create the ultimate security tool. All vendors can do is try and introduce better controls and processes inside their organisations.
Attackers are better at collaborating and innovating than security companies and enterprises. They have a different mindset that enables them to put aside commercial differences and focus on results. This will always give them the edge over security vendors and their customers.
Bolton’s second Enstein quote is:
“A person who never made a mistake never tried anything new.”
Businesses are increasingly being urged to “fail often and fail quickly” in order to innovate. When applied to security it is more likely to be seen as reckless risk taking. However, Polton believes one reason security teams don’t try something new is: “..it can be challenging to identify where to invest in order to get the best result [and] where not to invest and further add to complexity.” This is why Bolton believes companies need to move to a more fluid approach for security. That approach is this new Cyber Security Innovation Programme.
Seven areas in which we might see new solutions
The second of the two blogs that is worth reading comes from Garry Sidaway, SVP Security Strategy & Alliances at NTT Security. Sidaway calls out six technologies that are emerging to protect businesses. These are:
- Cognitive Intelligence
Sidaway’s blog entitled Innovation Technologies in Cyberspace gives more detail on each technology. It will be interesting to see how many of the 20 vendors NTT Security is working with announce tools in these areas. Sidaway doesn’t talk about how these tools become part of a fluid platform as espoused by Polton.
Sidaway sums up the need for innovation in the blog’s conclusion: “..with many businesses looking to adopt innovation technologies, it’s important to note that security must be embedded into the business from the beginning – not seen as an afterthought and bolted on. Only then can businesses be better prepared for a cyber attack, and see value in their investments.”
The security market knows that it is losing the war to a better armed and more agile opponent. NTT Security is trying to change the way it and its customers approach security. Can NTT Security create a fluid security solution that can easily add new technologies? Will it be able to solve the weakness of existing platforms where gaps between products and vendors are easily exploited by attackers?
Can NTT Security really deliver a resilient Cyber Defence Architecture dynamic enough to repel all attackers? More importantly can it really do this across on-premises and cloud architectures?